The steps in all tasks in this chapter use the vi text editor in a terminal window. Alternatively, you can use
the text editor of your choice.

How to Create a Virtual Network Interface

This procedure shows how to create a virtual network interface card
(VNIC). VNICs are pseudo-interfaces upon which to build the containers of
the virtual network. The
resulting VNIC has an automatically generated MAC address. Depending on the
network interface in use, you can instead explicitly assign a MAC address
to a VNIC, as described in the dladm(1M).

Only the e1000g0 data link is running over that interface and is configured “UP”.

Unless you create customized names for your
data links, the data link has the same name as the network interface device name that is displayed by dladm show-phys. For example, network interface e1000g0 has the data
link name e1000g0 until you customize
it. For more information on customized data link names, refer to Data Link and IP Interface Configuration (Tasks).

Look for the VNIC that you just configured in the ifconfig output.
For example, vnic0 is in the previous output. The IP address
that you specified and the ifconfig “UP” flag
in the output must also be present. These items indicate that the VNIC is
correctly configured and plumbed.

Ensure that the VNIC configuration persists across reboots

Create the file /etc/hostname.vnic-name.

In the global zone, do the following:

# cd /etc
# vi hostname.vnic-nameIP address of vnic-name

For example, you type the following:

# cd /etc
# vi hostname.vnic0192.168.3.250

Update the /etc/inet/hosts file with
entries for all the VNICs you have created.

The entries in the
file should have the following format:

vnic-IP-addresszoneID-vnic-IP-address

For example, you might create the following entries:

192.168.3.250 zone0-192-168-3-250

Note –

When creating the zone alias entry, be sure to put a dash after
the zoneID. Additionally, substitute dashes for the dot delimeters in the
IP address, as shown previously.

Example 11–1 Creating Virtual Network Interfaces (VNIC)

This example contains the commands to use to create and verify three
VNICs. One VNIC is used in the global zone. Two other VNICs are used with
the exclusive IP zones in the upcoming tasks. This example illustrates the
steps in Configuring a Basic Virtual Network to
accomplish the following:

Create three VNICs, vnic0, vnic1,
and vnic2 on the data link e1000g0.

Verify that the VNICs were created

.

Configure and plumb vnic0 in the global
zone.

Make vnic0 persist across reboots.

Note –

You must log in to the system as superuser or equivalent role
to run the next commands.

Next Steps

For an example of the configuration of a basic virtual network,
see Example 11–6.

How to Create an Exclusive IP Zone Over a VNIC

The following task explains how to create two exclusive IP zones for a virtual network. If you want to use zones as the containers
for the virtual network, always use exclusive IP zones. You cannot create non–global shared IP zones over VNICs in a virtual network
scenario.

As an alternative, you can useSun xVM domains as the containers
in the virtual network. For information about configuring Sun xVM Server and its domains,
refer to theSun xVM Server Information Wiki.

Before You Begin

This procedure assumes that you have already configured at least two VNICs over a data link, as shown in Example 11–1. The VNICs are named vnic0, vnic1, and vnic2.

On the system where you create the virtual network, become superuser
or assume the equivalent root role.

Example 11–2 Creating an Exclusive IP Zone Over a VNIC

The following example contains the commands for creating a zone using
the zonecfg utility. When the example is complete, the
result is a zone called zone1 that is configured on vnic1. This example assumes that the VNIC is already created, as shown
in Example 11–1. You can use this
example for configuring as many exclusive IP zones over VNICs as you need
for your virtual network. For an illustration of a basic virtual network,
refer to Figure 10–1.

You must log in to the global zone of the system as superuser or equivalent
role to run the next commands.

The zoneadm command displays output similar to the
following for a zone that is not yet installed:

WARNING: /export/home/zone1 does not exist, so it could not be verified.
When 'zoneadm install' is run, 'install' will try to create
/export/home/zone1, and 'verify' will be tried again,
but the 'verify' may fail if:
the parent directory of /export/home/zone1 is group- or other-writable
or
/export/home/zone1 overlaps with any other installed zones.

Repeat this
procedure for all exclusive IP zones in your virtual network.

Example 11–3 Installing and Booting an Exclusive IP Zone Over a VNIC

The following example contains the zoneadm and zlogin -C commands for installing the exclusive IP zone zone1 that
is configured over vnic1. This example assumes that both
the VNIC and zone are created, as shown in Example 11–2. You can use this example for installing every exclusive IP zone
over a VNIC for your virtual network. For an illustration of a basic virtual
network, refer to Figure 10–1.

You must log in to the global zone of the system as superuser or equivalent
role to run the next commands.

# zoneadm -z zone1 verify
WARNING: /export/home/zone1 does not exist, so it could not be verified.
When 'zoneadm install' is run, 'install' will try to create
/export/home/zone1, and 'verify' will be tried again,
but the 'verify' may fail if:
the parent directory of /export/home/zone1 is group- or other-writable
or
/export/home/zone1 overlaps with any other installed zones.

Type the number for the console terminal type for your system, for example 12 for an X terminal window.

Confirm or change the information displayed by the zone configuration
program.

You receive a series of prompts for information about
the new zone. Most of the responses are automatically generated. If the information
is incorrect, you can press F4 and supply the correct information. Otherwise,
press F2 to accept and continue to the next parameter.

The information that you need to supply or verify includes:

IP address for the zone. Each exclusive IP zone and its corresponding
VNIC must have a unique IP address. You can use a DHCP address or a static
IP address.

Host name. Enter the host name for the zone, for example, zone1.

Whether the system with the virtual network is part of a subnet.

Netmask of the IP address.

Default route. You can use the IP address of the interface
on which the virtual network is built.

IP address of a router on the system's network

When you are finished configuring the zone, the system reboots. After
the reboot, the zone is ready for use.

Repeat the initial configuration steps for all zones in the virtual
network.

Next Steps

How to Manually Configure the VNIC and Exclusive IP
Zone

This procedure explains how to manually configure IP addresses for VNICs
and their associated zones. If you configured zones through the zone console
after the initial booting, these addresses are configured automatically. You
need to follow the next steps only if one of the following conditions is true:

You did not run the zone console configuration program after
booting the zones and want to configure IP addresses manually. In this case,
you should perform all the steps in the procedure.

You performed the validation checks in How to Verify the Exclusive IP Zone Over VNIC Configurationand uncovered
problems. Some typical problems include the VNIC was not plumbed, or problems
with a relevant files, such as hostname.vnic-name. In this case, complete only the steps that relate to the specific
problems that you found.

Before You Begin

The procedure assumes that both the VNIC and zone are created, installed,
and booted in the global zone.

On the system where you create the virtual network, become superuser
or assume the equivalent root role.

If the parent directory for the zones does not exist, check your zone
configuration.

Verify that the zone home directory trees exist in the correct
parent directory in the global zone.

# pwd
/export/home
# lszone-name

For example, to verify that the zone subdirectories have been created
in the parent /export/home directory, in the global zone,
type:

# ls
zone1 zone2

The subdirectories for the two new zones have been created. If these
subdirectories do not exist, check your zone configuration.

Verify that the hostname.vnic-name file
exists and that its entry is correct.

Each VNIC that you configure
for a zone requires a hostname.vnic-name file
to ensure that the IP address of the VNIC and zone persist after reboots.
First, verify that a hostname.vnic-name file
exists:

cd /export/home/zone-name/root/etc
# ls host*
hostname.vnic1 hosts

This output indicates that a hostname.vnic1 file
exists. The file should contain one entry with the name of the zone, for example:

The only non-loopback IP address in this output is 192.168.3.70,
the address associated with the system's network interface. Add entries for
all VNICs associated with zones to this file, using the following format:

VNIC-IP-address zone-name- IP address

For example, you would type the following entry for vnic1 and zone1:

192.168.3.20 zone1-192-168-3-20

Log in to the new zone and verify that you are in its home directory:

For example,
for zone1 you would type:

# zlogin zone1
# pwd
/

You are now in the
root directory of zone1. If you cannot log in to the zone,
check your zone configuration.

Verify that the VNIC you previously defined for the zone is now
configured as an IP interface.

In the output, vnic1 is configured with the IP address
that you specified during zone configuration. vnic1 also
has an automatically generated unique MAC address ether 2:8:20:54:f4:74 .
Note that there are no entries for the system's network interfaces or for
VNICs that are configured for other zones.

If you do not have an entry for the VNIC associated with the zone, you
need to plumb the VNIC. In particular, you will have these results if you
chose not to perform initial VNIC configuration from the zone console. For
instructions for plumbing the VNIC, refer to the appropriate step in How to Manually Configure the VNIC and Exclusive IP Zone.

Exit the current zone.

Return to the global zone, where you can repeat the previous steps to confirm that all VNICs and zones are properly configured.

Next Steps

You can use various tools to observe network traffic and take statistics on zone usage.

How to Remove the Virtual Network Without Removing
the Zones

The following procedure shows how to take down a virtual network while
leaving its zones intact. The instructions refer to the virtual network that
is configured in Configuring a Basic Virtual Network.

The resulting output shows that the VNICs are still configured as data
links in the global zone. These VNICs were only plumbed and up in their associated
exclusive IP zones, which are now halted. These VNICs are not plumbed in the
global zones.

Delete the VNICs.

# dladm delete-vnicvnic-link-name

For example, you would type the following to delete the VNICs in the
zones in Figure 10–1.

# dladm delete-vnic vnic1
# dladm delete-vnic vnic1

Next Steps

You can perform further operations on the existing zones, as required.